Abstract: A biometric authentication system may include a centralized database including stored biometric signature information for authenticating a user of one or more external systems. The biometric authentication system may extract data attributes from a biometric signature of the user and compare them to the stored biometric signature information in the database. The biometric authentication system may identify user identifier information associated with a signature key stored of the stored biometric signature information that matches the data attributes to authenticate the user to access secure information.

Abstract: An operation method of a first communication node in a communication system may comprise estimating a channel state between the first communication node and a second communication node based on a pilot signal received from the second communication node; generating a first channel codebook based on the estimated channel state; transmitting information of the first channel codebook to the second communication node; receiving a response indicating whether the first channel codebook is to be used from the second communication node; when the response is an ACK indicating that the first channel codebook is to be used, generating a first secret key by using the first channel codebook; and transmitting data encrypted using the first secret key to the second communication node.

Abstract: A distributed database receives a first command and second command sent by a client for processing in the context of a transaction. The distributed database validates the transaction by computing a digest based on signatures of the first and second commands, and comparing the computed digest to a digest received from the client. The transaction is committed upon validation.

Abstract: A computer-based system and method for performing an offline login to a local device, including: generating a pair of an auxiliary (AUX) public key and an AUX private key; receiving a password at the local device; reconstructing a symmetric key from a first value stored on the local device and a second value stored on an authenticator; encrypting the password with the AUX public key to obtain a locally encrypted password; encrypting the AUX private key with the symmetric key to obtain an encrypted AUX private key; and deleting the symmetric key, and when performing the offline login: reconstructing the symmetric key; decrypting the encrypted AUX private key with the symmetric key to obtain the AUX private key; decrypting the locally encrypted password with the AUX private key to obtain the password; and using the password to perform the offline login.

Abstract: Biometric data such as iris, facial, or fingerprint data may be obtained from a user. A public code may be generated from the biometric data, but does not obtain any of the biometric data or information that can be used to identify the user. The public code includes information that can be used to extract from the biometric data a biometric code that is suitable for bitwise comparison. Neither the underlying biometric data nor information from which the biometric data may be determined is stored as only the public code and the actual biometric feature of the user is required to generate the biometric code.

Abstract: A method for obtaining a valid global state for a distributed database, wherein the distributed database includes main nodes storing a complete dataset, and a plurality of subsets of nodes configured to store a part of the dataset, including: a. receiving a request for providing a valid global state of the distributed database, b. determining a first local state for each subset based on status information of nodes of the respective subset regarding the respective part of the dataset, c. combining these first local states of all subsets to a first combined state, d. determining a global state by the main nodes based on status information of the main nodes regarding the stored dataset, e. verifying the first combined state by matching the first combined state with the global state and f. outputting the first combined state as valid global state for the distributed database depending on the verification.

Abstract: A solid-state imaging device adapted to encrypt data is described. The solid-state imaging device may include a sensor die comprising an array of imaging pixels formed on a first side of the sensor die and first wiring layers formed on a second side of the sensor die, wherein at least one of the imaging pixels is configured to generate specific signals; a logic die comprising second wiring layers formed on a first side of the logic die; and an encryption processor on the logic die configured to generate encrypted data using the specific signals. The first side of the logic die may be mounted adjacent to the second side of the sensor die and the first wiring layers electrically connect to the second wiring layers, wherein the at least one of the imaging pixels, the encryption processor, and a connecting conductor in which the specific signals pass through from the at least one of the imaging pixels to the encryption processor are located interior to the solid-state imaging device.

Abstract: An intelligent face recognition system for an installed security system can include a camera and a local or remote video processor including a face recognition engine. The video processor can be configured to receive the image information from the one or more cameras, and generate an alert for communication to a user device based on a recognition event in the environment. In an example, the face recognition engine is configured to apply machine learning to analyze images from the camera and determine whether the images include or correspond to an enrolled face, and the face recognition engine is configured to provide the recognition event based on the determination.

Abstract: A mobile passport, mobile passport generation system for generating same, and mobile passport certification method enable increased convenience for certifying passports. The passport is generated by digitalizing passport information written in an actual passport, thereby eliminating the risk of losing the passport, and with which the certification of a passport for a foreign tourist is carried out by scanning or inputting the digitalized passport information. A mobile passport, which includes a QR code including passport information, a photo writing unit, a country writing unit, and a manual certification number, is generated by using a mobile passport generation system which includes a mobile passport generation unit, a password generation unit, a mobile passport management server, and a terminal. The identity of a passport holder can be checked by checking the QR code, the manual certification number, a coupon number, and a tax return transaction number associated with the generated mobile passport.

Abstract: Disclosed are exemplary embodiments of systems and methods for facilitating a transaction for the purchase of a product through an unattended vendor. One exemplary method includes capturing a facial image of a user and identifying the user based on the captured facial image. The method then includes compiling a pre-authorization request including credential associated with an account for the user and a first amount and, upon receipt of an approval of the request, manipulating a locking mechanism coupled to a container associated with the unattended vendor to permit access by the user to products included in the container. The method further includes capturing an image of a product removed from the container, identifying the product based on the image, and compiling an authorization request for purchase of the product based on the credential and a second amount associated with the price of the removed product.

Abstract: Methods, devices and systems for enabling a specific registered user to log into a computerized system having multiple registered users by continuously staring at a display associated with the computerized system for at least a pre-determined threshold duration, without requiring any input other than staring to initiate the login process, and without requiring the user to provide any additional login information or authentication information.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving user input indicating a first user selection of a first form of biometric authentication from a plurality of forms of biometric authentication, providing a first interface for display on a user device, the first interface corresponding to the first form, receiving first biometric data, the first biometric data being provided using the first interface, and selectively enabling communication between the user device and a back-end system based on the first biometric data.

Abstract: A computing device stores a captured image as a transient image template when there is a failure in an image-based authentication of the captured image and the user of the computing device has provided user credentials that authorize the user to access the computing device. The transient image template may be used to further authorize the user to access the computing device during an established time period.

Abstract: A method for updating biometric authentication data authenticates an input image using an enrollment database (DB) over a first length of time, the authentication including generating information for authenticating the input image, and updates the enrollment DB based on the first length time and the information for authenticating the input image.

Abstract: Embodiments of the inventive concept provide a system and method that verifies a user through a security token combined with biometric information processing techniques capable of changing and canceling the conventional encryption key without storing biometric information-related data corresponding to a user's personal information.

Abstract: Embodiments for providing secure communicate between a remote system in a private network by a mobile device using a mobile app using a short message service (SMS) protocol without using Internet Protocol (IP) communications. The mobile application is registered with the remote system using a pre-shared key (PSK), and SMS source validation by the remote system is performed using timestamp and location information provided by the mobile device. Any specified command to be executed on the remote system is validated against a set of authorized commands. Such embodiments are particularly useful for cases in which there is no or very low strength infrastructure for full Internet connectivity and/or where remote services desire to stay isolated with no public network connectivity.

Abstract: Provided are an information processing device, etc. by which points can be given in various manners without performing complicated operations.

Abstract: A system and process for applying access groups for controlling data access, by a processor device. The process receives from a user a request to access data associated with a person from a file system, whereby the request invokes at least one software method. Next method interception is performed by matching the at least one software method. Group membership of the user and at least one group membership of the person is accessed. Determining if each of the following conditions of i) the user is a member of a specific group and ii) the specific group contains the person are verified. In response to the conditions being verified, the process sends the data to a user device to display to the user, otherwise denying the request to access data. Each group can have one or more criteria, which add patients to that group based on the conditions of those criteria.

Abstract: Disclosed are an identity authentication, number saving and sending, and number binding method, apparatus and device.

Abstract: Personalized sensory services are provided to mobile devices. As a sensor monitors an area of surveillance, the sensor may detect a passing mobile device. The sensor may thus ally itself to the passing mobile device and provide personalized sensory operations.

Abstract: An action recognition system is illustrated. The action recognition system has an annular body, at least one light emitting unit, at least one light sensing unit and an action recognition module. The annular body is worn on a movable part of a user. One end of the light emitting unit is exposed on an inner side of the annular body, wherein the light emitting unit emits a first light beam illuminating at least a portion of the movable part. One end of the light sensing unit is exposed on the inner side of the annular body. The light sensing unit operatively senses a second light beam reflected by the at least portion of the movable part and generates a light sensing signal. The action recognition module is configured to operatively determine an action of the user according to the light sensing signal.

Abstract: A fingerprint unlocking method, includes obtaining a fingerprint image through an optical fingerprint sensor of an electronic device when a user performs fingerprint unlocking on the electronic device; obtaining an extended fingerprint image by performing fingerprint extending processing on the fingerprint image according to a preset curvature; and unlocking the electronic device if the extended fingerprint image matches a preset fingerprint image.

Abstract: A wireless device enterprise management system and a method for operating the management system in a controlled environment is disclosed. The enterprise management system includes implementing a container-based file system on wireless devices within the controlled environment. Enterprise management system manages and controls the organization of files into one or more containers on each wireless device. Each container is associated with one or more execution rules that allow or restrict execution of files that are located in the container.

Abstract: An electronic device with a display and an embedded fingerprint sensor displays a lock screen on the display. While displaying the lock screen, the electronic device detects a first touch input on the embedded fingerprint sensor. In response to detecting the first touch input on the embedded fingerprint sensor: the electronic device, in accordance with a determination that first timing criteria are met, displays content of a plurality of messages; and the electronic device, in accordance with a determination that second timing criteria, different from the first timing criteria are met, ceases to display the lock screen and displaying a home screen use interface for the electronic device with a plurality of application icons.

Abstract: Apparatus and methods associated with the authentication of a welding or cutting torch with a power supply are provided. According to some implementations, the authentication includes encryption/decryption techniques initiated by the physical or virtual closure of one or more of a trigger switch and a parts-in-place switch. The delivery of high voltage welding or cutting power from the power supply to the torch being enabled only upon a successful authentication of the torch with the power supply.

Abstract: A tool for facilitating attaching a screen protector of a screen protector assembly to a display of an electronic device includes a tray, an alignment block, and a spring. The tray includes a first corner alignment feature, a second corner alignment feature, and an engagement feature for engaging the screen protector assembly. The tray also includes a movable arm for holding the screen protector assembly on the engagement feature. The alignment block is slidably attached to the tray to define an interior of the tool. The alignment block includes a first corner alignment feature, a second corner alignment feature, and an engagement feature for engaging the screen protector assembly. The spring is configured to push the alignment block toward the first and second corner alignment features of the tray to center the electronic device is in the tool for the attaching of the screen protector to the electronic device.

Abstract: A biological data registration support device includes: a control portion configured to acquire a plurality of registration scenarios, each including at least one verification method and associated with respective services, identify a verification method that is commonly included in the plurality of registration scenarios as a common verification method, and acquire one set of biological data for registration regarding the common verification method and one set of biological data for registration regarding the verification method other than the common verification method; and a transmitting portion configured to transmit the biological data for registration and the plurality registration scenarios acquired by the control portion.

Abstract: A system for verifying a user identity. The system comprises one or more memory devices storing instructions and one or more processors configured to execute the instructions. The processors are configured to receive information associated with an account of a user. The processors are further configured to generate a first profile, where the first profile being related to the user. The processors also receives an indication that the account is accessed by an accessor through an accessor device; and receive, from the accessor device, identity data comprising a plurality of data subsets associated with the accessor. The processors are configured to store the data subsets in respective clusters. The processors are further configured generate cluster analyses by analyzing the data subsets in respective clusters; and output the cluster analyses to node instances that weighs the cluster analyses outputs.

Abstract: A computer-based system and method for securing passwords, including: obtaining, by an authentication service, a plurality of public keys, each associated with one of a plurality of devices associated with a user; generating, by the authentication service, a password for the user; sending, by the authentication service, the password to a password management entity; encrypting, by the authentication service, the password with each of the public keys, thus generating a plurality of encrypted passwords, each encrypted with one of the public keys and associated with a device of the plurality of devices; and deleting the password by the authentication service.

Abstract: In accordance with an embodiment, a method of recognizing a biological target includes performing radar measurements for a plurality of sites on the biological target using a millimeter-wave radar sensor, producing a target data set for the plurality of sites based on the radar measurements, extracting features from the target data set, comparing the extracted features to stored features, and determining whether the extracted features match the stored features based on the comparing.

Abstract: Method of authentication including sending a login web page to a first device of a user including a scannable code having an envelope ID and a login challenge. The envelope ID generated by an identity manager is associated with a first envelope of data including a session ID. A confirmation login request is received from a second device associated with the user, and includes a second envelope of data comprising the session ID, a user ID, and a seal of the user ID registering the user ID with the identity manager. The confirmation login request to the login challenge is verified using the session ID, and the user is verified using the user ID and seal. User login is authorized upon successful verification of the login challenge and user, and a communication session having the session ID is established between the web server and the first device.

Abstract: Examples described herein include systems and methods for contextually providing automated device enrollment into a management system. A management application on a user device can receive network settings for connecting to a local server. The network settings can be preconfigured by an administrator. The management application can cause the user device to send an enrollment request and a device identifier to the local server. The device identifier can be used to validate the device and provide a security token to the management application. The management application can use the security token to complete enrollment of the user device.

Abstract: Various embodiments relate to a method performed by a processor of a computing system. An example method includes matching a possession object identifier with a stored user secret, generating a decryption key using the stored user secret as an input to a password authenticated key exchange protocol, decrypting an encrypted authentication data message using the decryption key, extracting a user secret from the biometric sample, authenticating the user by matching the extracted user secret with the stored user secret, and authenticating an identity of the user by matching the biometric sample with a biometric reference template associated with the possession object identifier.

Abstract: The invention includes a tool for the generation and usage of a dynamic polychrome lattice image for unique and secure authentication and verification purposes. The tool is multi-purposed and can be applied to a variety of use cases and may utilize multiple channels of communication between devices. The dynamic polychrome lattice image may be adjusted according to the display size and resolution of various user devices. System devices may scan the dynamic polychrome lattice image, and upon successful retrieval and decryption of the dynamic polychrome lattice image, the user may be authenticated and verified to access one or more programs or services.

Abstract: A system and method for recognizing a person, including: capturing an identifying feature of the person; identifying the person based on the identifying feature to return a person identity; using the person's identity, retrieving information about the person from a person information database; and displaying the retrieved information in an overlay with a facial image of the person to a user. menu items can also be displayed. The identifying feature may be a biometric or a non-biometric feature.

Abstract: A user may view a device with augmented reality glasses which may have a camera that views and collects data on the screen of the user device. When the user desires to access an account for which multifactor authentication is required, a one-time password may be sent to the user. The glasses may recognize the one-time password and determine if the one-time password originated from the user device. If the glasses verify that the one-time password originated from the user based on context of the user device display or the geographic locations of the devices, then the glasses will send the password to the service associated with the one-time password. The glasses may send the password back to the user device, send it to an intermediate server, or send it directly to the server associated with the service that provided the one-time password.

Abstract: A system and method of providing real time account information for financial accounts is disclosed. The system includes an event based architecture including an event stream. Financial transaction processing systems publish transaction events to the event stream. A transaction service listening to the event stream detects new transaction events. The transaction service takes action to enrich transaction data. A middleware system reconciles existing transactions and persists transaction records in long term storage. The system can retrieve real time enriched transaction data to calculate account summary information, including current account balances and projected future account balances. The system can also be used to provide real time notifications to customers using enriched transaction data.

Abstract: A system, method, and media for providing web-based security to a workflow process is presented. Data may be processed in a web-based workflow management system. The system may detect the transfer of high-level security data through the workflow. Upon detection of the data transfers the system may request review and approval in the form of a biometric input from an approved user to allow the data to be transferred.

Abstract: Described are systems and techniques configured to authenticate a user upon entry to a facility. Prior to entry, the user may log in to a secure website with valid credentials, whereupon a login image of the user at the time of login is acquired. In one implementation, optically encoded data is generated which includes data representative of the login image, an acquisition timestamp, and an identifier value. At entry of the user to the facility, an entry image of the user's face, an image of the optically encoded data as presented on a display of a computing device in possession of the user, and an entry timestamp are acquired. By determining the timestamp is within a valid range of time and the data representative of the login image corresponds to the entry image, the user is authenticated to the identifier value.

Abstract: Disclosed herein is a method of provisioning a virtual experience of a building based on user preference. The method may include receiving an identity data associated with an identity of a user, retrieving a user profile data based on the identity data, analyzing the user profile data using a machine learning model, determining at least one preference data based on the analyzing, identifying at least one virtual utility object based on the at least one preference data, generating an interactive 3D model data comprising the at least one virtual utility object, transmitting the interactive 3D model data to a user device configured to present the interactive 3D model data, receiving a reaction data from the user device. Further, the user device may include at least one sensor configured to generate the reaction data based on a behavioral reaction of a user consuming the interactive 3D model data.

Abstract: A data processing method, apparatus and system, for improving the security and accuracy in the data processing process. The method comprises: receiving target biometric information and verification password information of a target object sent by an acquisition institution server; recognizing, from registered biometric information of a plurality of objects, the registered biometric information matching the target biometric information; determining target account information of the target object according to the recognized registered biometric information; and sending a data processing request to a card issuing institution server corresponding to the target account information, the data processing request comprising the target account information and the verification password information, so that the card issuing institution server performs verification using the verification password information and performs data processing according to the target account information after the verification is passed.

Abstract: A system, device and method for fingerprint authentication using a watermarked digital image is provided. A device includes a display device including a touch screen configured to detect fingerprints; and, a controller. The controller: generates, at the display device, an image that includes, in one or more given areas, image-embedded fingerprint information; detects, at one or more portions of the touch screen respectively corresponding to the one or more given areas, user-fingerprint information representing a fingerprint; implements a comparison between the user-fingerprint information and the image-embedded fingerprint information; and when the comparison between the user-fingerprint information and the image-embedded fingerprint information is successful, implement an access process.

Abstract: Composite biometric authentication is provided to multiple users that share a financial account. The users can enroll the account for composite biometric authentication. The enrollment can include recording multiple biometrics of each user and storing them as a composite to use in authenticating user requests to authorize transactions involving the shared financial account. A unique combination of biometrics can be generated including a biometric of the multiple biometrics of each of the users and stored such that the unique combination must be provided to authenticate a future user request. To proceed with a transaction, a user of the multiple users initiates the transaction and provides their part of the unique combination. The other users provide their part of the unique combination by providing the specific biometric of the multiple biometrics they have previously provided. The transaction proceeds when all shares of the unique combination are provided and authenticated.

Abstract: A provider system is connected to readers disposed at distances from the provider system. A secure local connection is established between the client device and the provider system via one of the readers. Before the client reaches an access touchpoint, the provider system receives from the client device a request for client access, the provider system sends to the client device a request for identification information of the client, and the client device sends client information associated with a first mobile identification credential (MIC) which the client device received from an authorizing party system (APS), the client having consented to release the client information to the provider system, and the client information having been verified. The provider system uses the verified client information associated with the first MIC to verify or not verify the identity of the client before granting or denying the request to the client.

Abstract: A method for controlling access to an entrance may include receiving, via a network from a user terminal associated with a user, identity information and biological information related to the user. The method may also include obtaining a first determination whether the identity information matches the biological information. The method may also include obtaining a second determination whether the identity information has been registered in response to a result that the identity information matches the biological information. The method may also include transmitting the biological information to one or more authorization devices to provide a permission to the user in response to a result that the identity information has been registered. The permission may permit the user to access the entrance by inputting the biological information related to the user through one of the one or more authorization devices.

Abstract: A computer server system comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to receive, via the communications module and from a server associated with a first device, a request to perform an operation; determine that the first device cannot perform the operation; send, via the communications module and to the server associated with the first device, a signal causing the first device to output a message indicating that the first device cannot perform the operation and requesting authentication from a second device; receive, via the communications module and from the second device, a signal including authentication information; and send, via the communications module and to the second device, a signal including a selectable option to perform the operation.

Abstract: Disclosed embodiments provide methods and systems to capture, persist, and access a real-time audio stream and metadata associated with a radio broadcast. The real-time audio stream is captured on an audio capture device comprising a real-time clock. The audio is associated with the points in time it is captured with time markers. In embodiments, the audio is encoded for transmission with the time markers to a remote server. After being captured, encoded, and associated with time markers, the audio is transmitted to a remote server for archiving. Client devices are used to provide access to archived content. Clients request portions of the real-time audio stream from the remote server, and identify the portions they are requesting by including in their request either real-time bounds, or other information which is associated on the remote server with real-time bounds, such as content descriptor types.

Abstract: According to one example arrangement, a computer implemented method performed by a computing system, includes identifying a user device associated with a user. Authentication information regarding the user indicative of use of the user device is captured. A confidence level for the user is dynamically adjusted based on the authentication information. The confidence level is responsive to the use of the user device by the user.

Abstract: A method for securing and authorizing sensitive operations is described. A computing device may receive a first authentication factor from a second computing device based on a request from the second computing device to authorize an operation; upon validating the first authentication factor, send to at least the second computing device and a third computing device, a request for a second authentication factor; and authorize the operation based on validating the second authentication factor from the second computing device or from the third computing device, or from both.

Abstract: An apparatus and method for joining an Internet of Things (IoT) network are provided, the apparatus including a communicator configured to receive, from an electronic device, an encrypted auto-onboard configuration data associated with the IoT network, a sensor configured to detect a user command, and at least one processor configured to generate a decryption key based on features extracted from the user command, decrypt the encrypted auto-onboard configuration data using the decryption key, and join the IoT network.